
Split DNS stops working when activating system wide DNS profile enabling encrypted DNS

Posted: Sat Feb 13, 2021 12:57 am
by HenrikWL
After installing the system profile available here: https://paulmillr.com/posts/encrypted-dns/, I am no longer able to resolve DNS lookups that are internal to the VPN network to which I am connecting.

Is there some magic permutation of settings in Viscosity I can use to make this work, or does the system profile installed simply override all DNS resolving and I just can't use it?

Re: Split DNS stops working when activating system wide DNS profile enabling encrypted DNS

Posted: Sat Feb 13, 2021 1:16 am
by James
Hi HenrikWL,

I'm afraid managed system profiles will override local network settings (by design).

It would likely be possible to alter the managed profile to include your VPN DNS server/s and the domains to be associated with them (I believe the option is named something like Supplemental Match Domains); however, I'm afraid I have no idea how well this will work when the VPN connection isn't active. If you're familiar with managed system profiles you could give it a shot and see how it goes.

Now that DoH is in macOS it'll come to OpenVPN connections at some point. Right now there isn't a way to specify or push DoH servers for OpenVPN, but if it isn't something that gets added to the core project it's likely we'll put something together to support it.

Cheers,
James
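
Added example (not part of the original thread, and not Viscosity's or the profile author's code): a small audit that reads an unsigned `.mobileconfig` and reports whether each DNS settings payload is scoped by `SupplementalMatchDomains` or applies to every lookup, which is the case that overrides VPN split DNS. The sample profile, the resolver URL and the `corp.example` domain are constructed; the payload keys are those of Apple's `com.apple.dnsSettings.managed` payload.

```python
import plistlib

DNS_PAYLOAD = "com.apple.dnsSettings.managed"

# Constructed sample profile (not the one linked in the thread).
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>PayloadType</key><string>Configuration</string>
  <key>PayloadContent</key><array>
    <dict>
      <key>PayloadType</key><string>com.apple.dnsSettings.managed</string>
      <key>PayloadDisplayName</key><string>Public DoH</string>
      <key>DNSSettings</key><dict>
        <key>DNSProtocol</key><string>HTTPS</string>
        <key>ServerURL</key><string>https://doh.example.net/dns-query</string>
      </dict>
    </dict>
    <dict>
      <key>PayloadType</key><string>com.apple.dnsSettings.managed</string>
      <key>PayloadDisplayName</key><string>Scoped DoH</string>
      <key>DNSSettings</key><dict>
        <key>DNSProtocol</key><string>HTTPS</string>
        <key>ServerURL</key><string>https://doh.example.net/dns-query</string>
        <key>SupplementalMatchDomains</key><array><string>corp.example</string></array>
      </dict>
    </dict>
  </array>
</dict></plist>"""

def audit_dns_payloads(profile_bytes):
    """Return (display name, scope) for each DNS settings payload."""
    profile = plistlib.loads(profile_bytes)
    findings = []
    for payload in profile.get("PayloadContent", []):
        if payload.get("PayloadType") != DNS_PAYLOAD:
            continue
        domains = payload.get("DNSSettings", {}).get("SupplementalMatchDomains")
        # No match-domain list means the resolver is used for every name,
        # so names that only the VPN's DNS server knows are sent to it too.
        scope = sorted(domains) if domains else "ALL DOMAINS"
        findings.append((payload.get("PayloadDisplayName", "?"), scope))
    return findings

if __name__ == "__main__":
    for name, scope in audit_dns_payloads(SAMPLE_PROFILE):
        print(f"{name}: {scope}")
```

A signed profile is CMS-wrapped and has to be unwrapped before `plistlib` can read it.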

Re: Split DNS stops working when activating system wide DNS profile enabling encrypted DNS

Posted: Sat Feb 13, 2021 1:35 am
by HenrikWL
Ok, thanks for the quick reply! Looks like it's duct tape hacks until a more robust solution is available then. :lol: